Lucene search
MitreCVE-2009-3756HistoryOct 22, 2009 - 5:30 p.m.
CVE-2009-3756
2009-10-2217:30:00
CWE-200
mitre
web.nvd.nist.gov
29
cve-2009-3756
phpbms
sensitive information disclosure
remote attackers
nvd
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
AI Score
6.1
Confidence
Low
EPSS
0.003
Percentile
69.7%
phpBMS 0.96 allows remote attackers to obtain sensitive information via a direct request to (1) footer.php, (2) header.php, (3) the show action in advancedsearch.php, and (4) choicelist.php, which reveals the installation path in an error message.
Affected configurations
Node
kreotekphpbmsMatch0.96
Related
cvelist
cvelist
CVE-2009-3756
2009-10-22 17:00:00
prion
prion
Information disclosure
2009-10-22 17:30:00
nvd
nvd
CVE-2009-3756
2009-10-22 17:30:00
exploitdb
exploitdb
phpbms 0.96 - Multiple Vulnerabilities
2009-07-10 00:00:00
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
AI Score
6.1
Confidence
Low
EPSS
0.003
Percentile
69.7%
Related for CVE-2009-3756